Ghost/core/server/services/members/stripe-connect.js

const errors = require('@tryghost/errors');
const tpl = require('@tryghost/tpl');
const {Buffer} = require('buffer');
const {randomBytes} = require('crypto');
const {URL} = require('url');

const config = require('../../../shared/config');
const urlUtils = require('../../../shared/url-utils');

const messages = {
    incorrectState: 'State did not match.'
};

const STATE_PROP = 'stripe-connect-state';

const liveClientID = 'ca_8LBuZWhYshxF0A55KgCXu8PRTquCKC5x';
const testClientID = 'ca_8LBum4Ctv3mmJ1oD0ZRmxjdAhNrrBUy3';
const redirectURI = 'https://stripe.ghost.org';

/**
 * @function getStripeConnectOAuthUrl
 * @desc Returns a url for the auth endpoint for Stripe Connect, generates state and stores it on the session.
 *
 * @param {(prop: string, val: any) => Promise<void>} setSessionProp - A function to set data on the current session
 * @param {'live' | 'test'} mode - Which stripe mode to set up
 *
 * @returns {Promise<URL>}
 */
async function getStripeConnectOAuthUrl(setSessionProp, mode = 'live') {
    checkCanConnect();
    const randomState = randomBytes(16).toString('hex');
    const state = Buffer.from(JSON.stringify({
        mode,
        randomState
    })).toString('base64');

    await setSessionProp(STATE_PROP, state);

    const clientID = mode === 'live' ? liveClientID : testClientID;

    const authUrl = new URL('https://connect.stripe.com/oauth/authorize');
    authUrl.searchParams.set('response_type', 'code');
    authUrl.searchParams.set('scope', 'read_write');
    authUrl.searchParams.set('client_id', clientID);
    authUrl.searchParams.set('redirect_uri', redirectURI);
    authUrl.searchParams.set('state', state);

    return authUrl;
}

/**
 * @function getStripeConnectTokenData
 * @desc Returns the api keys and the livemode for a Stripe Connect integration after validating the state.
 *
 * @param {string} encodedData - A string encoding the response from Stripe Connect
 * @param {(prop: string) => Promise<any>} getSessionProp - A function to retrieve data from the current session
 *
 * @returns {Promise<{secret_key: string, public_key: string, livemode: boolean, display_name: string, account_id: string}>}
 */
async function getStripeConnectTokenData(encodedData, getSessionProp) {
    const data = JSON.parse(Buffer.from(encodedData, 'base64').toString());

    const state = await getSessionProp(STATE_PROP);

    if (state !== data.s) {
        throw new errors.NoPermissionError(tpl(messages.incorrectState));
    }

    return {
        public_key: data.p,
        secret_key: data.a,
        livemode: data.l,
        display_name: data.n,
        account_id: data.i
    };
}

function checkCanConnect() {
    const siteUrl = urlUtils.getSiteUrl();
    const productionMode = config.get('env') === 'production';
    const siteUrlUsingSSL = /^https/.test(siteUrl);
    const cannotConnectToStripe = productionMode && !siteUrlUsingSSL;
    if (cannotConnectToStripe) {
        throw new errors.BadRequestError('Cannot connect to stripe unless site is using https://');
    }
}

module.exports = {
    getStripeConnectOAuthUrl,
    getStripeConnectTokenData,
    STATE_PROP
};
Replaced usage of Error with @tryghost/errors (#13161) refs https://github.com/TryGhost/Ghost/commit/2f1123d6ca7894fc21499739f46f0ae5c9eda73a Usage of the raw Error class has been deprecated in favour of our own errors, which are more descriptive and have built in HTTP status codes. This also updates the same errors to use @tryghost/tpl for the error messages, which is the new pattern we are following in order for us to deprecate the i18n module. 2021-07-19 13:46:38 +03:00			`const errors = require('@tryghost/errors');`
			`const tpl = require('@tryghost/tpl');`
Added stripe connect module to member service no-issue This module handles the creation of a url used for authorization of Stripe Connect, and also the parsing of the data eventually received from the authorization flow. 2020-05-28 13:40:48 +03:00			`const {Buffer} = require('buffer');`
			`const {randomBytes} = require('crypto');`
			`const {URL} = require('url');`

Fixed max-complexity-warnings for stripe_connect API no-issue This removes the logic to check if stripe connect is allowed into the stripe connect service, which makes the feature easier to maintain, as well as fixes the v3 API - which previously did not have this check. 2021-10-25 15:04:25 +03:00			`const config = require('../../../shared/config');`
			`const urlUtils = require('../../../shared/url-utils');`

Replaced usage of Error with @tryghost/errors (#13161) refs https://github.com/TryGhost/Ghost/commit/2f1123d6ca7894fc21499739f46f0ae5c9eda73a Usage of the raw Error class has been deprecated in favour of our own errors, which are more descriptive and have built in HTTP status codes. This also updates the same errors to use @tryghost/tpl for the error messages, which is the new pattern we are following in order for us to deprecate the i18n module. 2021-07-19 13:46:38 +03:00			`const messages = {`
			`incorrectState: 'State did not match.'`
			`};`

Added stripe connect module to member service no-issue This module handles the creation of a url used for authorization of Stripe Connect, and also the parsing of the data eventually received from the authorization flow. 2020-05-28 13:40:48 +03:00			`const STATE_PROP = 'stripe-connect-state';`

Added support for stripe connect test mode no-issue This adds the ability to pass a `mode` param of 'test' to the members stripe connect service, which will ensure we use a testmode client_id for the Stripe Connect OAuth flow. This will allow users to connect their account in testmode. 2020-06-10 14:19:04 +03:00			`const liveClientID = 'ca_8LBuZWhYshxF0A55KgCXu8PRTquCKC5x';`
			`const testClientID = 'ca_8LBum4Ctv3mmJ1oD0ZRmxjdAhNrrBUy3';`
Added stripe connect module to member service no-issue This module handles the creation of a url used for authorization of Stripe Connect, and also the parsing of the data eventually received from the authorization flow. 2020-05-28 13:40:48 +03:00			`const redirectURI = 'https://stripe.ghost.org';`

			`/**`
			`* @function getStripeConnectOAuthUrl`
			`* @desc Returns a url for the auth endpoint for Stripe Connect, generates state and stores it on the session.`
			`*`
			`* @param {(prop: string, val: any) => Promise<void>} setSessionProp - A function to set data on the current session`
Added support for stripe connect test mode no-issue This adds the ability to pass a `mode` param of 'test' to the members stripe connect service, which will ensure we use a testmode client_id for the Stripe Connect OAuth flow. This will allow users to connect their account in testmode. 2020-06-10 14:19:04 +03:00			`* @param {'live' \| 'test'} mode - Which stripe mode to set up`
Added stripe connect module to member service no-issue This module handles the creation of a url used for authorization of Stripe Connect, and also the parsing of the data eventually received from the authorization flow. 2020-05-28 13:40:48 +03:00			`*`
			`* @returns {Promise<URL>}`
			`*/`
Added support for stripe connect test mode no-issue This adds the ability to pass a `mode` param of 'test' to the members stripe connect service, which will ensure we use a testmode client_id for the Stripe Connect OAuth flow. This will allow users to connect their account in testmode. 2020-06-10 14:19:04 +03:00			`async function getStripeConnectOAuthUrl(setSessionProp, mode = 'live') {`
Fixed max-complexity-warnings for stripe_connect API no-issue This removes the logic to check if stripe connect is allowed into the stripe connect service, which makes the feature easier to maintain, as well as fixes the v3 API - which previously did not have this check. 2021-10-25 15:04:25 +03:00			`checkCanConnect();`
Encoded the mode in the Stripe Connect OAuth state no-issue The service at stripe.ghost.org must know which client_secret to use, either the test, or live one. By encoding a JSON object as the state we are able to pass data through the flow to inform this decision at the end. Note, that we still keep a random value in the state to protect against CSRF attacks. 2020-06-10 14:31:03 +03:00			`const randomState = randomBytes(16).toString('hex');`
			`const state = Buffer.from(JSON.stringify({`
			`mode,`
			`randomState`
			`})).toString('base64');`
Added stripe connect module to member service no-issue This module handles the creation of a url used for authorization of Stripe Connect, and also the parsing of the data eventually received from the authorization flow. 2020-05-28 13:40:48 +03:00
			`await setSessionProp(STATE_PROP, state);`

Added support for stripe connect test mode no-issue This adds the ability to pass a `mode` param of 'test' to the members stripe connect service, which will ensure we use a testmode client_id for the Stripe Connect OAuth flow. This will allow users to connect their account in testmode. 2020-06-10 14:19:04 +03:00			`const clientID = mode === 'live' ? liveClientID : testClientID;`

Added stripe connect module to member service no-issue This module handles the creation of a url used for authorization of Stripe Connect, and also the parsing of the data eventually received from the authorization flow. 2020-05-28 13:40:48 +03:00			`const authUrl = new URL('https://connect.stripe.com/oauth/authorize');`
			`authUrl.searchParams.set('response_type', 'code');`
			`authUrl.searchParams.set('scope', 'read_write');`
			`authUrl.searchParams.set('client_id', clientID);`
			`authUrl.searchParams.set('redirect_uri', redirectURI);`
			`authUrl.searchParams.set('state', state);`

			`return authUrl;`
			`}`

			`/**`
			`* @function getStripeConnectTokenData`
			`* @desc Returns the api keys and the livemode for a Stripe Connect integration after validating the state.`
			`*`
			`* @param {string} encodedData - A string encoding the response from Stripe Connect`
			`* @param {(prop: string) => Promise<any>} getSessionProp - A function to retrieve data from the current session`
			`*`
Replaced usage of Error with @tryghost/errors (#13161) refs https://github.com/TryGhost/Ghost/commit/2f1123d6ca7894fc21499739f46f0ae5c9eda73a Usage of the raw Error class has been deprecated in favour of our own errors, which are more descriptive and have built in HTTP status codes. This also updates the same errors to use @tryghost/tpl for the error messages, which is the new pattern we are following in order for us to deprecate the i18n module. 2021-07-19 13:46:38 +03:00			`* @returns {Promise<{secret_key: string, public_key: string, livemode: boolean, display_name: string, account_id: string}>}`
Added stripe connect module to member service no-issue This module handles the creation of a url used for authorization of Stripe Connect, and also the parsing of the data eventually received from the authorization flow. 2020-05-28 13:40:48 +03:00			`*/`
			`async function getStripeConnectTokenData(encodedData, getSessionProp) {`
			`const data = JSON.parse(Buffer.from(encodedData, 'base64').toString());`

			`const state = await getSessionProp(STATE_PROP);`

			`if (state !== data.s) {`
Replaced usage of Error with @tryghost/errors (#13161) refs https://github.com/TryGhost/Ghost/commit/2f1123d6ca7894fc21499739f46f0ae5c9eda73a Usage of the raw Error class has been deprecated in favour of our own errors, which are more descriptive and have built in HTTP status codes. This also updates the same errors to use @tryghost/tpl for the error messages, which is the new pattern we are following in order for us to deprecate the i18n module. 2021-07-19 13:46:38 +03:00			`throw new errors.NoPermissionError(tpl(messages.incorrectState));`
Added stripe connect module to member service no-issue This module handles the creation of a url used for authorization of Stripe Connect, and also the parsing of the data eventually received from the authorization flow. 2020-05-28 13:40:48 +03:00			`}`

			`return {`
			`public_key: data.p,`
			`secret_key: data.a,`
Added display_name & account_id to stripe connect no-issue This will allow us to display this information in the Admin to make it easier for the user to see what the current state is. 2020-06-09 17:37:07 +03:00			`livemode: data.l,`
			`display_name: data.n,`
			`account_id: data.i`
Added stripe connect module to member service no-issue This module handles the creation of a url used for authorization of Stripe Connect, and also the parsing of the data eventually received from the authorization flow. 2020-05-28 13:40:48 +03:00			`};`
			`}`

Fixed max-complexity-warnings for stripe_connect API no-issue This removes the logic to check if stripe connect is allowed into the stripe connect service, which makes the feature easier to maintain, as well as fixes the v3 API - which previously did not have this check. 2021-10-25 15:04:25 +03:00			`function checkCanConnect() {`
			`const siteUrl = urlUtils.getSiteUrl();`
			`const productionMode = config.get('env') === 'production';`
			`const siteUrlUsingSSL = /^https/.test(siteUrl);`
			`const cannotConnectToStripe = productionMode && !siteUrlUsingSSL;`
			`if (cannotConnectToStripe) {`
			`throw new errors.BadRequestError('Cannot connect to stripe unless site is using https://');`
			`}`
			`}`

Added stripe connect module to member service no-issue This module handles the creation of a url used for authorization of Stripe Connect, and also the parsing of the data eventually received from the authorization flow. 2020-05-28 13:40:48 +03:00			`module.exports = {`
			`getStripeConnectOAuthUrl,`
			`getStripeConnectTokenData,`
			`STATE_PROP`
			`};`